US20020010856A1 - IC, IC-mounted electronic device, debugging method and IC debugger - Google Patents
IC, IC-mounted electronic device, debugging method and IC debugger Download PDFInfo
- Publication number
- US20020010856A1 US20020010856A1 US09/784,151 US78415101A US2002010856A1 US 20020010856 A1 US20020010856 A1 US 20020010856A1 US 78415101 A US78415101 A US 78415101A US 2002010856 A1 US2002010856 A1 US 2002010856A1
- Authority
- US
- United States
- Prior art keywords
- circuit
- debug
- authentication
- key
- transmission key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
- G06F11/3648—Software debugging using additional hardware
- G06F11/3656—Software debugging using additional hardware using a specific debug interface
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01R—MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
- G01R31/00—Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
- G01R31/28—Testing of electronic circuits, e.g. by signal tracer
- G01R31/317—Testing of digital circuits
- G01R31/31719—Security aspects, e.g. preventing unauthorised access during test
Definitions
- the present invention relates to an IC, an electronic device, a method for debugging the IC, a method for debugging the electronic device, and a debugger, having a security function for preventing a spurious acquisition of a behavior of an internal circuit of the IC.
- FIG. 9 is an explanatory diagram of the prior art.
- an LSI 110 is provided with a CPU 200 , a peripheral circuit 300 , and a bus 600 for connecting therewith.
- the CPU 200 acquires data or programs from the peripheral circuit 300 , and processes the data, and outputs them to the peripheral circuit 300 .
- the CPU 200 is provided with a debug I/F (interface) circuit 400 via another bus 500 .
- An external debug controller 100 of the LSI 110 is connected to the debug I/F 400 , and supplies a clock CLK, and inputs a signal SIN, and obtains an output SOUT.
- This debug I/F circuit 400 is exploited for acquiring a behavior (contents of a program counter, a register, or the like) of the CPU 200 at the time of developing the device, and in the case where the device is shipped to a field, the debug I/F circuit 400 is similarly exploited at the time of the occurrence of a fault, and at the time of diagnosing the device.
- a security function is not provided in the prior art with respect to an access from the debug I/F 400 , as described above.
- a debug I/F terminal In the device which does not require a conventional normal security, a debug I/F terminal is seen from outside irrespective of the time of being unused/the time of being used, and is entirely defenseless for the exploitation by the third person. For this reason, in the case of the device shipped to the field, the third person uses the debug I/F terminal, so that a behavior of a central processing unit (CPU) can accurately and readily be made reverse engineering, and it needs high-performance in security.
- CPU central processing unit
- an IC comprising an internal circuit; a debug I/F circuit for debugging the internal circuit from externally; and an authentication circuit which is provided between the debug I/F circuit and a debug terminal, and when the debug I/F circuit is activated, transmits a transmission key from the debug terminal to outside, and authenticates from a signal received from the debug terminal and a transmission key, and enables operation of the debug I/F circuit.
- an electronic device mounting with an IC comprising an internal circuit; a debug I/F circuit for debugging the internal circuit from externally; and an authentication circuit which is provided between the debug I/F circuit and the debug terminal, and when the debug I/F circuit is activated, transmits the transmission key from the debug terminal to outside, and collates the signal received from the debug terminal with the transmission key, and enables operation of the debug I/F circuit.
- a debugging method comprising the steps of transmitting the transmission key to externally when the debug I/F circuit is activated; and authenticating the signal received from externally and the transmission key to enable operation of the debug I/F circuit.
- a debugger for debugging an IC comprising an internal circuit; a debug I/F circuit for externally debugging the internal circuit; and an authentication circuit which is provided between the debug I/F circuit and the debug terminal, and when the debug I/F circuit is activated, transmits the transmission key from the debug terminal to outside, and collates the signal received from the debug terminal with the transmission key, and enables operation of the debug I/F circuit, further comprising: the discrimination device which is provided between a debug unit and the debug I/F circuit, and receives the transmission key to encode it by a predetermined key, and transmits the reception signal.
- the authentication step has a step of canceling a reset signal to the debug I/F circuit for enabling of the operation.
- the authentication circuit cancels the reset signal to the debug I/F circuit for enabling of the operation. For this reason, even if authenticated, it is possible to realize by cancellation of the existent reset.
- the authentication circuit forms an authentication key that is encoded the transmission key by a predetermined key, and compares the reception signal with the authentication key.
- the authentication step has a step of forming the authentication key that is encoded the transmission key by the predetermined key, and of collating the reception signal with the authentication key. As encoded, the higher security is possible.
- the authentication circuit awaits a time of the operation enabling.
- the authentication step has a step of waiting a time of the operation enabling. Before and after judgment of a serial data key, a waiting time is provided after the end of agreement judgment by use of a timer. For this reason, even if the third person inputs any cryptographic key data, it takes much time to obtain authentication results (reset). This causes to prevent the use of the spurious debug I/F by the third person, and furthermore when retrying several times, it takes enormous time.
- the authentication circuit forms the transmission key with random numbers, whereby each time serial data (transmission key) to be transmitted are activated, the random numbers are based, so that the serial data are set as transmission and reception data different every time, rendering the analysis thereof difficult.
- FIG. 1 is a block diagram of an LSI according to an embodiment of the present invention.
- FIG. 2 is an explanatory diagram of an authentication processing of FIG. 1;
- FIG. 3 is an explanatory diagram of a debugging method of the LSI of FIG. 1;
- FIG. 4 is an explanatory diagram of preventing a spurious access to the LSI of FIG. 1;
- FIG. 5 is an explanatory processing of another authentication processing of FIG. 1;
- FIG. 6 is an explanatory diagram of an electronic device mounting the LSI of FIG. 1;
- FIG. 7 is a block diagram of a peripheral circuit of FIG. 1;
- FIG. 8 is a configuration diagram of a POS system mounting the LSI of FIG. 6;
- FIG. 9 is an explanatory diagram of the prior art.
- FIG. 1 is a block diagram of an LSI and a debug mechanism according to a first embodiment of the present invention
- FIG. 2 is an explanatory diagram of the authentication processing
- FIG. 3 is a diagram for explaining operation at the time of a due use
- FIG. 4 is a diagram for explaining operation at the time of a spurious use.
- reference numeral 2 denotes a system LSI with a CPU, and a debug I/F utilization authentication circuit according to the present invention is provided to the LSI 2 .
- Reference numeral 1 denotes an external debug controller for utilizing the debug I/F inside the LSI 2 .
- Reference numeral 3 denotes a discrimination device, which is used by interposing it between the LSI 2 and the debug controller 1 , so as to interlock with the authentication circuit inside the LSI 2 and authenticate.
- the LSI 2 has a debug I/F circuit 2 - 1 , a CPU 2 - 2 , a debug bus 4 - 1 for connecting an I/F circuit 2 - 1 and the CPU 2 - 2 , and a peripheral circuit 2 - 12 connected to a CPU bus 4 - 2 .
- the peripheral circuit 2 - 12 is different according to the use of LSIs, for example, an electronic money funds transferring circuit that will be explained in FIG. 6 on.
- the authentication circuit is provided in this CPU bus 4 - 2 .
- a structure of the authentication circuit is explained.
- a port 4 - 2 receives write data of the CPU 2 - 2 from the bus 4 - 2 .
- a register 2 - 5 stores a debug I/F utilization transmission key formed by the CPU 2 - 2 .
- a register 2 - 8 stores an authentication key formed by the CPU 2 - 2 .
- a transmission circuit 2 - 4 transmits the transmission key of the register 2 - 5 in synchronism with a clock supplied by the discrimination device 3 .
- a shift register 2 - 6 receives a cryptographic key returned from the discrimination device 2 .
- An agreement detection circuit 2 - 9 compares a cryptographic key of the shift register 2 - 6 with an authentication key of a register 2 - 8 , and detects an agreement.
- a timer circuit 2 - 7 starts counting clocks in response to an agreement detection output of the agreement detection circuit 2 - 9 , and forms a signal for canceling a reset signal to the internal debug I/F circuit 2 - 1 after a constant time.
- a reset gate 2 - 11 cancels an input to the debug I/F circuit 2 - 1 of the reset signal according to a reset cancellation signal.
- a reception-enabling gate 2 - 10 enables the shift register 2 - 6 which fetches in data from a signal input terminal SIN in response to a reception-enabling signal from a transmission circuit 2 - 4 .
- the discrimination device 3 is provided with a key reception circuit 3 - 1 .
- the key reception circuit 3 - 1 transmits clocks and receives the aforesaid transmission key, and encodes it by a key determined previously and transmits the cryptographic key.
- the LSI 2 and discrimination device 3 are turned on and activated. Then, a clock is supplied from the discrimination device 3 to the debug I/F 2 - 1 of the LSI 2 . Concurrently, the CPU 2 - 2 is activated in the LSI 2 , and the LSI 2 forms the debug I/F utilizing transmission key and authentication key by a firmware, and writes them into the registers 2 - 5 , 2 - 8 via the bus 4 - 2 and port 2 - 3 . At this time, the transmission key is formed based on a random number, and then the authentication key is generated by encoding the transmission key by a predetermined key.
- the transmission circuit 2 - 4 transmits the transmission key in synchronism with a clock supplied by the discrimination device 3 .
- the key transmission and reception circuit 3 - 1 in the discrimination device 3 receives the transmission key, and encodes the transmission key by the key determined previously, and transmits the cryptographic (encoded) key.
- the predetermined key at this time is same as the key used a little while ago by the firmware in the LSI 2 .
- the shift register 2 - 6 receives the returned the cryptographic key, and the agreement detection circuit 2 - 9 compares it with the authentication key of the register 2 - 8 , and only in the case where agreed, the agreement detection circuit 2 - 9 transmits the agreement detection to the timer circuit 2 - 7 .
- the timer circuit 2 - 7 waits for a constant time, and canceled a reset signal to the internal debug I/F 2 - 1 by the gate 2 - 11 .
- the debug I/F circuit 2 - 1 of the LSI 2 can be utilized. Namely, the reset signal is transmitted from the debug controller 1 to the LSI 2 , and resets the debug I/F circuit 2 - 1 , and utilizes the debug I/F circuit 2 - 1 , and can access the CPU 2 - 2 .
- a LSI provider offers the LSI 2 and discrimination device 3 to a developer for an apparatus.
- the encryption key of the LSI 2 is same with the encryption key of the discrimination device 3 .
- the developer mounts the LSI 2 on the target board 7 , and develops the device.
- the LSI 2 is connected to the discrimination device 3 , which is connected to the debug controller 1 , the PC interface board 6 , and the personal computer 5 .
- the discrimination device 3 intervenes therebetween, the above authentication sequence works to cancel a reset, so that the debugger on the PC 5 can utilize the debug I/F circuit 2 - 1 .
- the discrimination device 3 is connected, thereby utilizing the debugger on the PC 5 .
- a security technique such as a conventional password authentication, etc.
- the security function is not performed, and the password is easy to elucidate by retrying.
- the security technique is unfit as a security mechanism of the LSI 2 to be presented to a great number of users.
- the security since in order to realize the security with a set of the discrimination device 3 and LSI 2 , the security is carried out by the physical connection and authentication algorithm, the high security is enabled. Furthermore, the spurious engineering by the PC 5 is difficult.
- the reception operation of the shift register is conducted for a constant time after the transmission key is transmitted, and only one time reception is made at the time of one time activation, and since if data are repeatedly input, not accepted, the engineering is difficult.
- the key transmission and reception circuit 3 in the discrimination device 3 receives the transmission key, and encodes the transmission key by the key determined previously, and transmits the cryptographic (encoded) key.
- the predetermined key at this time is same with the key used a little while ago by the firmware in the LSI 2 .
- the discrimination 3 annexes a user ID and transmits it to the LSI 2 .
- the shift register 2 - 6 receives the returned cryptographic key, and the agreement detection circuit 2 - 9 compares it with the authentication key of the register 2 - 8 , and only in the case where agreed, the agreement detection circuit 2 - 9 transmits the agreement detection to the timer circuit 2 - 7 .
- the timer circuit 2 - 7 waits for a constant time, the timer circuit 2 - 7 cancels an input of the reset signal to the internal debug I/F 2 - 1 of the gate 2 - 11 .
- the user ID is logged. For this reason, if information of the transmission key should be leaked, it is possible to specify which user has leaked, from the logged user IDs.
- the description device 3 adopts a method of encoding the received transmission key and use ID by the key, thereby preventing that the user ID is readily changed.
- FIG. 6 is an explanatory diagram of an example to which the system LSI 2 is applied
- FIG. 7 is a structural diagram of a peripheral circuit of the LSI 2 in this application example
- FIG. 8 is an explanatory diagram of the electronic devices.
- the system LSI 2 is a card funds transferring LSI, and has a debit card funds transfer function 40 , a credit card funds transfer function 41 , an electronic money funds transfer function 42 , and other service functions 43 .
- the LSI 2 is connected to an IC card reader/writer 30 , a magnetic card reader 31 , and a display and key 32 .
- the LSI 2 is connected to a receipt printer 33 .
- These funds transfer functions 40 to 43 are realized by execution of the programs of the CPU 2 - 2 of the LSI 2 .
- a card funds transfer function is imparted to various electronic devices 50 to 57 .
- These electronic devices are, for example, a POS (point of sales) reader/writer 50 , an integrated terminal 51 , a mobile terminal 52 , an ATM (automatic teller machine) 53 , an automatic vending machine 54 , a PDA (personal digital assistant) 55 , a portable telephone 56 , and a PC (personal computer) 57 .
- the peripheral circuit 2 - 12 of the LSI 2 for the card funds transfer will be explained with reference to FIG. 7.
- the peripheral circuit 2 - 12 has a smart card controller 60 , a MS (Magnetic stripe) control circuit 61 , a LCD control circuit 62 , a matrix KB control circuit 63 , a memory controller 64 , and serial I/O ports 69 to 72 .
- the above LSI 2 indicates a condition of being mounted on the target board 7 , and for clarity of description of the LSI 2 , only the CPU 2 - 2 and peripheral circuit 2 - 12 ( 60 - 64 , 69 - 72 ) are shown.
- the LSI 2 includes the debug I/F 2 - 1 and the authentication circuit.
- the smart card controller 60 reads/writes data of the IC card (called a smart card) via the IC card reader/writer 30 .
- the MS control circuit controls the MS (magnetic stripe) reader 31 .
- the LCD control circuit 62 controls a display of the LCD (liquid crystal display) 32 - 1 .
- the matrix KB control circuit 63 recognizes an input of a ten key 32 - 2 .
- the memory controller 64 control an input/output into/from various memories (a ROM 65 , a SRAM 66 , a FLASH 67 , a SDRAM 68 ) on the board 7 .
- the serial ports 69 to 72 are connected to drivers 73 to 75 of the port 7 for inputting and outputting the serial data. These are each connected to the CPU bus 4 - 2 .
- FIG. 8 is a system configuration diagram of the electronic device mounting a funds transferring LSI, showing a POS (point of sales) system.
- the network 35 is connected to a store controller 20 and a plurality of POS terminals 10 .
- the POS terminals 10 are connected to the IC card reader/writer 30 .
- the store controller 20 and the plurality of POS terminals 10 are provided with the above funds transferring LSIs (called an IFD), which exchanges directly funds transfer data.
- An IC card 34 - 1 for customers is exchanged messages with a POS IC card 34 - 2 via the IFD 2
- the POS IC card 34 - 2 is exchanged messages with the IC card 34 - 2 of the store controller 20 via an IFD 2 , a terminal controller 11 , a network 35 , the terminal controller 11 , and the IFD 2 .
- a customer's data of the IC card 34 - 1 are stored in the POS IC card 34 - 2 via the IFD 2 .
- the stored data of the POS IC card 34 - 2 are stored in the IC card 34 - 2 of the store controller 20 via the IFD 2 , the terminal controller 11 , the network 35 , the terminal controller 11 , and the IFD 2 .
- an authentication mechanism according to the present invention is, in particular, valid for such uses.
- the reset signal is canceled by the authentication, but a gate may be provided at a clock input side of the debug I/F 2 - 1 , so that a clock input is enabled by the authentication.
- the waiting time are provided by the timer after the agreement judgment, but the waiting time may be performed for the judgment by the timer before the agreement judgment.
- the authentication circuit is provided between the debug I/F circuit and the debug terminal, it is possible to protect the internal circuit from dishonesty such as the reverse engineering, etc. of operation of the internal circuit by utilizing the debug I/F of the third person, and to hold the security higher than the conventional device.
Abstract
Authentication circuits 2-3 to 2-11 are provided between a debug I/F circuit 2-1 and a debug terminal. The authentication circuit transmits a transmission key to externally at the time of activation, and authenticates from a received signal and the transmission key, and enables to access a debug I/F. It is possible to prevent a spurious access from the debug I/F by a third person by the authentication circuit.
Description
- 1. Field of the Invention
- The present invention relates to an IC, an electronic device, a method for debugging the IC, a method for debugging the electronic device, and a debugger, having a security function for preventing a spurious acquisition of a behavior of an internal circuit of the IC.
- 2. Description of the Related Arts
- In every field such as an electronic commerce, etc., a device of higher security is demanded. For this reason, various methods for preventing a reverse engineering in the device are devised. However, irrespective of these trials, a reverse engineering ROM, or the like is prepared, and an abuse for a reluctant use for a developer of the device does not become extinct. For this reason, a system in which a third person is incapable of engineering operation itself of the device is demanded.
- FIG. 9 is an explanatory diagram of the prior art. As shown in FIG. 9, an
LSI 110 is provided with aCPU 200, aperipheral circuit 300, and abus 600 for connecting therewith. In thisLSI 110, theCPU 200 acquires data or programs from theperipheral circuit 300, and processes the data, and outputs them to theperipheral circuit 300. - On the other hand, in the case where the device is developed by use of this
LSI 110, a processing behavior of theCPU 200 is directly monitored, and the programs or the like are verified. A verification method for monitoring output data of theperipheral circuit 300 is executed, but a behavior of theCPU 200 up to the output cannot be elucidated from the output data. - For this reason, the
CPU 200 is provided with a debug I/F (interface)circuit 400 via anotherbus 500. Anexternal debug controller 100 of theLSI 110 is connected to the debug I/F 400, and supplies a clock CLK, and inputs a signal SIN, and obtains an output SOUT. - This debug I/
F circuit 400 is exploited for acquiring a behavior (contents of a program counter, a register, or the like) of theCPU 200 at the time of developing the device, and in the case where the device is shipped to a field, the debug I/F circuit 400 is similarly exploited at the time of the occurrence of a fault, and at the time of diagnosing the device. - A security function is not provided in the prior art with respect to an access from the debug I/
F 400, as described above. - In the device which does not require a conventional normal security, a debug I/F terminal is seen from outside irrespective of the time of being unused/the time of being used, and is entirely defenseless for the exploitation by the third person. For this reason, in the case of the device shipped to the field, the third person uses the debug I/F terminal, so that a behavior of a central processing unit (CPU) can accurately and readily be made reverse engineering, and it needs high-performance in security.
- However, in the case where the conventional device uses the CPU provided with the debug I/F function, a clue of analysis is given to the third person. For example, in the case of a POS register using the CPU with the debug I/F function, a debug unit of the debug I/F is connected to a personal computer, etc., so that even data such as a password, a cryptographic key, or the like can readily be searched.
- It is therefore the object of the present invention to provide an IC, an electronic device, a debug method, and a debugger for restricting a use of a debug I/F and preventing a spurious reverse engineering by a third person.
- It is another object of the present invention to provide an IC, an electronic device, a debug method, and a debugger in which an authentication logic is provided between the debug I/F circuit in the LSI and an external terminal, and a restriction is formed in exploiting the debug I/F.
- It is yet another object of the present invention to provide an IC, an electronic device, a debug method, and a debugger for preventing the engineering of the authentication logic between the debug I/F circuit in the LSIs and the external terminal.
- It is a further object of the present invention to provide an IC, an electronic device, a debug method, and a debugger for detecting the spurious reverse engineering by a third person which restricts the use of the debug I/F.
- In order to attain the above objects, according to a first aspect of the present invention there is provided an IC comprising an internal circuit; a debug I/F circuit for debugging the internal circuit from externally; and an authentication circuit which is provided between the debug I/F circuit and a debug terminal, and when the debug I/F circuit is activated, transmits a transmission key from the debug terminal to outside, and authenticates from a signal received from the debug terminal and a transmission key, and enables operation of the debug I/F circuit.
- According to a second aspect of the present invention there is provided an electronic device mounting with an IC, the IC comprising an internal circuit; a debug I/F circuit for debugging the internal circuit from externally; and an authentication circuit which is provided between the debug I/F circuit and the debug terminal, and when the debug I/F circuit is activated, transmits the transmission key from the debug terminal to outside, and collates the signal received from the debug terminal with the transmission key, and enables operation of the debug I/F circuit.
- According to a third aspect of the present invention there is provided a debugging method comprising the steps of transmitting the transmission key to externally when the debug I/F circuit is activated; and authenticating the signal received from externally and the transmission key to enable operation of the debug I/F circuit.
- According to a fourth aspect of the present invention there is provided a debugger for debugging an IC, the IC comprising an internal circuit; a debug I/F circuit for externally debugging the internal circuit; and an authentication circuit which is provided between the debug I/F circuit and the debug terminal, and when the debug I/F circuit is activated, transmits the transmission key from the debug terminal to outside, and collates the signal received from the debug terminal with the transmission key, and enables operation of the debug I/F circuit, further comprising: the discrimination device which is provided between a debug unit and the debug I/F circuit, and receives the transmission key to encode it by a predetermined key, and transmits the reception signal.
- Since an authentication circuit is provided between the debug I/F circuit and the debug terminal, it is possible to protect an internal circuit from a dishonesty as performing reverse engineering a motion of the internal circuit, etc. by exploiting the debug I/F of the third person, and to hold security higher than a conventional device.
- Furthermore, since the security is performed by a physical connection and an authentication algorithm by a set of a discrimination device and an IC, the high security is enabled. Furthermore, a spurious engineering by a PC (personal computer) is difficult.
- Furthermore, in the debugging method according to the present invention, the authentication step has a step of canceling a reset signal to the debug I/F circuit for enabling of the operation. In the LSI according to the present invention, the authentication circuit cancels the reset signal to the debug I/F circuit for enabling of the operation. For this reason, even if authenticated, it is possible to realize by cancellation of the existent reset.
- Furthermore, in the LSI according to the present invention, the authentication circuit forms an authentication key that is encoded the transmission key by a predetermined key, and compares the reception signal with the authentication key. In the debugging method according to the present invention, the authentication step has a step of forming the authentication key that is encoded the transmission key by the predetermined key, and of collating the reception signal with the authentication key. As encoded, the higher security is possible.
- In the LSI according to the present invention, the authentication circuit awaits a time of the operation enabling. In the debugging method according to the present invention, the authentication step has a step of waiting a time of the operation enabling. Before and after judgment of a serial data key, a waiting time is provided after the end of agreement judgment by use of a timer. For this reason, even if the third person inputs any cryptographic key data, it takes much time to obtain authentication results (reset). This causes to prevent the use of the spurious debug I/F by the third person, and furthermore when retrying several times, it takes enormous time.
- In the LSI according to the present invention, the authentication circuit forms the transmission key with random numbers, whereby each time serial data (transmission key) to be transmitted are activated, the random numbers are based, so that the serial data are set as transmission and reception data different every time, rendering the analysis thereof difficult.
- FIG. 1 is a block diagram of an LSI according to an embodiment of the present invention;
- FIG. 2 is an explanatory diagram of an authentication processing of FIG. 1;
- FIG. 3 is an explanatory diagram of a debugging method of the LSI of FIG. 1;
- FIG. 4 is an explanatory diagram of preventing a spurious access to the LSI of FIG. 1;
- FIG. 5 is an explanatory processing of another authentication processing of FIG. 1;
- FIG. 6 is an explanatory diagram of an electronic device mounting the LSI of FIG. 1;
- FIG. 7 is a block diagram of a peripheral circuit of FIG. 1; FIG. 8 is a configuration diagram of a POS system mounting the LSI of FIG. 6; and
- FIG. 9 is an explanatory diagram of the prior art.
- The preferred embodiments of the present invention will now be described by sorting it into a LSI, an electronic device, and other embodiments.
- [LSI ]
- FIG. 1 is a block diagram of an LSI and a debug mechanism according to a first embodiment of the present invention, and FIG. 2 is an explanatory diagram of the authentication processing, and FIG. 3 is a diagram for explaining operation at the time of a due use, and FIG. 4 is a diagram for explaining operation at the time of a spurious use.
- In FIG. 1,
reference numeral 2 denotes a system LSI with a CPU, and a debug I/F utilization authentication circuit according to the present invention is provided to theLSI 2.Reference numeral 1 denotes an external debug controller for utilizing the debug I/F inside theLSI 2.Reference numeral 3 denotes a discrimination device, which is used by interposing it between theLSI 2 and thedebug controller 1, so as to interlock with the authentication circuit inside theLSI 2 and authenticate. - The
LSI 2 has a debug I/F circuit 2-1, a CPU 2-2, a debug bus 4-1 for connecting an I/F circuit 2-1 and the CPU 2-2, and a peripheral circuit 2-12 connected to a CPU bus 4-2. The peripheral circuit 2-12 is different according to the use of LSIs, for example, an electronic money funds transferring circuit that will be explained in FIG. 6 on. - In the embodiment of the present invention, the authentication circuit is provided in this CPU bus4-2. A structure of the authentication circuit is explained.
- A port4-2 receives write data of the CPU 2-2 from the bus 4-2. A register 2-5 stores a debug I/F utilization transmission key formed by the CPU 2-2. A register 2-8 stores an authentication key formed by the CPU 2-2. A transmission circuit 2-4 transmits the transmission key of the register 2-5 in synchronism with a clock supplied by the
discrimination device 3. A shift register 2-6 receives a cryptographic key returned from thediscrimination device 2. - An agreement detection circuit2-9 compares a cryptographic key of the shift register 2-6 with an authentication key of a register 2-8, and detects an agreement. A timer circuit 2-7 starts counting clocks in response to an agreement detection output of the agreement detection circuit 2-9, and forms a signal for canceling a reset signal to the internal debug I/F circuit 2-1 after a constant time. A reset gate 2-11 cancels an input to the debug I/F circuit 2-1 of the reset signal according to a reset cancellation signal. A reception-enabling gate 2-10 enables the shift register 2-6 which fetches in data from a signal input terminal SIN in response to a reception-enabling signal from a transmission circuit 2-4.
- Next, the
discrimination device 3 is provided with a key reception circuit 3-1. When thediscrimination 3 is turned on, the key reception circuit 3-1 transmits clocks and receives the aforesaid transmission key, and encodes it by a key determined previously and transmits the cryptographic key. - Next, an operational procedure capable of utilizing the debug I/F will be explained with reference to FIGS. 1 and 2. As shown in FIG. 1, the
debug controller 1 utilizing the debug I/F is connected to theLSI 2 via thediscrimination device 3. - {circle over (1)} First, the
LSI 2 anddiscrimination device 3 are turned on and activated. Then, a clock is supplied from thediscrimination device 3 to the debug I/F 2-1 of theLSI 2. Concurrently, the CPU 2-2 is activated in theLSI 2, and theLSI 2 forms the debug I/F utilizing transmission key and authentication key by a firmware, and writes them into the registers 2-5, 2-8 via the bus 4-2 and port 2-3. At this time, the transmission key is formed based on a random number, and then the authentication key is generated by encoding the transmission key by a predetermined key. - {circle over (2)} When the key is written, the transmission circuit2-4 transmits the transmission key in synchronism with a clock supplied by the
discrimination device 3. - {circle over (3)} The key transmission and reception circuit3-1 in the
discrimination device 3 receives the transmission key, and encodes the transmission key by the key determined previously, and transmits the cryptographic (encoded) key. The predetermined key at this time is same as the key used a little while ago by the firmware in theLSI 2. - {circle over (4)} In the
LSI 2, the shift register 2-6 receives the returned the cryptographic key, and the agreement detection circuit 2-9 compares it with the authentication key of the register 2-8, and only in the case where agreed, the agreement detection circuit 2-9 transmits the agreement detection to the timer circuit 2-7. The timer circuit 2-7 waits for a constant time, and canceled a reset signal to the internal debug I/F 2-1 by the gate 2-11. - Thus, for the first time, the debug I/F circuit2-1 of the
LSI 2 can be utilized. Namely, the reset signal is transmitted from thedebug controller 1 to theLSI 2, and resets the debug I/F circuit 2-1, and utilizes the debug I/F circuit 2-1, and can access the CPU 2-2. - As shown in FIG. 3, a LSI provider offers the
LSI 2 anddiscrimination device 3 to a developer for an apparatus. The encryption key of theLSI 2 is same with the encryption key of thediscrimination device 3. The developer mounts theLSI 2 on thetarget board 7, and develops the device. - In the case where the debug is performed, the
LSI 2 is connected to thediscrimination device 3, which is connected to thedebug controller 1, thePC interface board 6, and thepersonal computer 5. When thediscrimination device 3 intervenes therebetween, the above authentication sequence works to cancel a reset, so that the debugger on thePC 5 can utilize the debug I/F circuit 2-1. Furthermore, even after the device is shipped to a field, thediscrimination device 3 is connected, thereby utilizing the debugger on thePC 5. - On the other hand, as shown in FIG. 4, in the case where the
discrimination device 3 is not connected, the reset is not canceled in the debug I/F circuit 2-1 of theLSI 2, and the debugger of thePC 5 cannot access the CPU 2-2 of theLSI 2. For example, after the device is shipped to the field, it is possible to protect the CPU 2-2 from dishonesty such as reverse engineering of internal operation of the CPU 2-2 by utilizing the debug I/F of the third person, and to hold the higher security than the conventional device. - Namely, in a security technique such as a conventional password authentication, etc., if the password is leaked, the security function is not performed, and the password is easy to elucidate by retrying. Accordingly, the security technique is unfit as a security mechanism of the
LSI 2 to be presented to a great number of users. According to this embodiment, since in order to realize the security with a set of thediscrimination device 3 andLSI 2, the security is carried out by the physical connection and authentication algorithm, the high security is enabled. Furthermore, the spurious engineering by thePC 5 is difficult. - Furthermore, in some cases, since the aforesaid utilization authentication function is an encryption algorithm, a skillful spurious person knows existence of the authentication mechanism and tries the engineering by retrying the encryption key (data). According to this embodiment, since this engineering becomes difficult, the next technique is adopted.
- First, after the serial data key is judged, waiting time is provided after end of the agreement judgment by use of the timer2-7. For this reason, even if the third person inputs any cryptographic key data by connection of FIG. 4, it takes much time until obtaining authentication results (reset). Thus, the spurious debug I/F utilization by the third person is prevented, and it takes enormous time when retrying several times.
- Second, each time the serial data (transmission key) to be transmitted are activated, the random numbers are based, so that the engineering becomes difficult as set as transmission and reception data different each time.
- Third, the reception operation of the shift register is conducted for a constant time after the transmission key is transmitted, and only one time reception is made at the time of one time activation, and since if data are repeatedly input, not accepted, the engineering is difficult.
- Next, in FIG. 5, the authentication processing according to another embodiment of the present invention will be explained.
- {circle over (1)} First of all, when the
LSI 2 anddiscrimination device 3 are turned on, a clock is supplied from thediscrimination device 3 to the debug I/F 2-1 of theLSI 2. Concurrently, in theLSI 2, the CPU 2-2 is activated to form the debug I/F utilization transmission key and authentication key by the firmware, as described above, to write them into the registers 2-5, 2-8 via the bus 4-2 and the port 2-3. - {circle over (2)} When the key is written, in synchronism with the clock supplied by the
discrimination device 3, the transmission circuit 2-4 transmits the transmission key. - {circle over (3)} The key transmission and
reception circuit 3 in thediscrimination device 3 receives the transmission key, and encodes the transmission key by the key determined previously, and transmits the cryptographic (encoded) key. The predetermined key at this time is same with the key used a little while ago by the firmware in theLSI 2. Thediscrimination 3 annexes a user ID and transmits it to theLSI 2. - {circle over (4)} In the
LSI 2, the shift register 2-6 receives the returned cryptographic key, and the agreement detection circuit 2-9 compares it with the authentication key of the register 2-8, and only in the case where agreed, the agreement detection circuit 2-9 transmits the agreement detection to the timer circuit 2-7. After the timer circuit 2-7 waits for a constant time, the timer circuit 2-7 cancels an input of the reset signal to the internal debug I/F 2-1 of the gate 2-11. Furthermore, the user ID is logged. For this reason, if information of the transmission key should be leaked, it is possible to specify which user has leaked, from the logged user IDs. - According to the embodiment of the present invention, the
description device 3 adopts a method of encoding the received transmission key and use ID by the key, thereby preventing that the user ID is readily changed. - [Electronic Devices ]
- Next, electronic devices mounting the
aforesaid system LSI 2 will be explained. FIG. 6 is an explanatory diagram of an example to which thesystem LSI 2 is applied, and FIG. 7 is a structural diagram of a peripheral circuit of theLSI 2 in this application example, and FIG. 8 is an explanatory diagram of the electronic devices. - As shown in FIG. 6, the
system LSI 2 is a card funds transferring LSI, and has a debit cardfunds transfer function 40, a credit cardfunds transfer function 41, an electronic moneyfunds transfer function 42, and other service functions 43. For this reason, theLSI 2 is connected to an IC card reader/writer 30, amagnetic card reader 31, and a display and key 32. Furthermore, as occasion arises, theLSI 2 is connected to areceipt printer 33. Thesefunds transfer functions 40 to 43 are realized by execution of the programs of the CPU 2-2 of theLSI 2. - Accordingly, by mounting this
LSI 2, a card funds transfer function is imparted to variouselectronic devices 50 to 57. These electronic devices are, for example, a POS (point of sales) reader/writer 50, anintegrated terminal 51, amobile terminal 52, an ATM (automatic teller machine) 53, anautomatic vending machine 54, a PDA (personal digital assistant) 55, aportable telephone 56, and a PC (personal computer) 57. - The peripheral circuit2-12 of the
LSI 2 for the card funds transfer will be explained with reference to FIG. 7. The peripheral circuit 2-12 has asmart card controller 60, a MS (Magnetic stripe)control circuit 61, aLCD control circuit 62, a matrixKB control circuit 63, amemory controller 64, and serial I/O ports 69 to 72. In FIG. 7, theabove LSI 2 indicates a condition of being mounted on thetarget board 7, and for clarity of description of theLSI 2, only the CPU 2-2 and peripheral circuit 2-12 (60-64, 69-72) are shown. Of course, theLSI 2 includes the debug I/F 2-1 and the authentication circuit. - The
smart card controller 60 reads/writes data of the IC card (called a smart card) via the IC card reader/writer 30. The MS control circuit controls the MS (magnetic stripe)reader 31. TheLCD control circuit 62 controls a display of the LCD (liquid crystal display) 32-1. The matrixKB control circuit 63 recognizes an input of a ten key 32-2. Thememory controller 64 control an input/output into/from various memories (aROM 65, aSRAM 66, aFLASH 67, a SDRAM 68) on theboard 7. Theserial ports 69 to 72 are connected todrivers 73 to 75 of theport 7 for inputting and outputting the serial data. These are each connected to the CPU bus 4-2. - FIG. 8 is a system configuration diagram of the electronic device mounting a funds transferring LSI, showing a POS (point of sales) system. The
network 35 is connected to astore controller 20 and a plurality ofPOS terminals 10. ThePOS terminals 10 are connected to the IC card reader/writer 30. Thestore controller 20 and the plurality ofPOS terminals 10 are provided with the above funds transferring LSIs (called an IFD), which exchanges directly funds transfer data. - An IC card34-1 for customers is exchanged messages with a POS IC card 34-2 via the
IFD 2, and the POS IC card 34-2 is exchanged messages with the IC card 34-2 of thestore controller 20 via anIFD 2, aterminal controller 11, anetwork 35, theterminal controller 11, and theIFD 2. - For example, in the case where the electronic funds transfer is carried out by the IC card, a customer's data of the IC card34-1 are stored in the POS IC card 34-2 via the
IFD 2. Thereafter, the stored data of the POS IC card 34-2 are stored in the IC card 34-2 of thestore controller 20 via theIFD 2, theterminal controller 11, thenetwork 35, theterminal controller 11, and theIFD 2. - In this system, as a route of the electronic funds transfer data is closed by the
IFD 2, there is no fear that funds transfer data (a password, an accounting number, a balance, and the like) are leaked. Therefore, safety is high. - However, as described above, if accessing the CPU2-2 by utilizing the debug I/F, it is possible to make a spurious acquisition of funds transfer data (a password, an accounting number, a balance, and the like), so that there is a fear of abusing. Accordingly, an authentication mechanism according to the present invention is, in particular, valid for such uses.
- [Other Embodiments ]
- In addition to the aforesaid embodiments, the following modifications according to the present invention are possible:
- (1) According to the aforesaid embodiments, the reset signal is canceled by the authentication, but a gate may be provided at a clock input side of the debug I/F2-1, so that a clock input is enabled by the authentication.
- (2) According to the aforesaid embodiments, the waiting time are provided by the timer after the agreement judgment, but the waiting time may be performed for the judgment by the timer before the agreement judgment.
- (3) In the case where the disagreement is detected by the agreement judgment, this can be notified to the peripheral circuit. Thus, the peripheral circuit judges as a spurious access, and for example, it is possible to make a disposition such as erasing of data required for the security.
- (4) The system LSI is explained for the card funds transfer, but it may be used as the other applications.
- (5) The explanation is made as the debug I/F of the CPU, but the present invention can be applied to the debug I/F of the other circuits.
- Although the present invention has been described in light of the preferred embodiments thereof, the present invention could be variously modified without departing from the sprit of the present invention, and those modifications are not to be excluded from the scope of the invention.
- As set forth hereinabove, according to the present invention, the following effects are presented.
- Since the authentication circuit is provided between the debug I/F circuit and the debug terminal, it is possible to protect the internal circuit from dishonesty such as the reverse engineering, etc. of operation of the internal circuit by utilizing the debug I/F of the third person, and to hold the security higher than the conventional device.
- Furthermore, since the security is carried out by the physical connection and authentication algorithm with a set of the
discrimination device 3 andLSI 2, therefore, the high security is enabled. Furthermore, the spurious engineering by thePC 5 is difficult.
Claims (17)
1. An IC comprising;
an internal circuit;
a debug I/F circuit for debugging the internal circuit from externally; and
an authentication circuit which is provided between the debug I/F circuit and a debug terminal for connecting outside, and for transmitting a transmission key from the debug terminal to outside, and authenticating from a signal received from the debug terminal and said transmission key to enable operation of the debug I/F circuit.
2. The IC according to claim 1 , wherein the authentication circuit cancels a reset signal to the debug I/F circuit for enabling the operation.
3. The IC according to claim 1 , wherein the authentication circuit generates an authentication key that is encrypted the transmission key by a predetermined key, and collates said reception signal with the authentication key.
4. The IC according to claim 1 , wherein the authentication circuit time-awaits the operation enabling.
5. The IC according to claim 1 , wherein the authentication circuit generates the transmission key by random numbers.
6. An electronic device mounted with an IC, said IC comprising;
an internal circuit;
a debug I/F circuit for debugging the internal circuit from externally; and
an authentication circuit which is provided between the debug I/F circuit and a debug terminal for connecting outside, and for transmitting a transmission key from the debug terminal to outside, and collating the signal received from the debug terminal with the transmission key to enable operation of the debug I/F circuit.
7. The electronic device according to claim 6 , wherein the authentication circuit cancels the reset signal to the debug I/F circuit for enabling the operation.
8. The electronic device according to claim 6 , wherein the authentication circuit generates the authentication key that is encrypted the transmission key by a predetermined key, and collates the reception signal with the authentication key.
9. The electronic device according to claim 6 , wherein the authentication circuit time-awaits the operation enabling.
10. The electronic device according to claim 6 , wherein the authentication circuit forms the transmission key by the random numbers.
11. A debugging method for utilizing a debug I/F circuit and debugging an internal circuit from externally, comprising the steps of:
transmitting a transmission key to externally when the debug I/F circuit is activated; and
authenticating the signal received from externally and the transmission key to enable operation of the debug I/F circuit.
12. The debugging method according to claim 11 , wherein the authentication step includes a step of canceling a reset signal to the debug I/F circuit for enabling the operation.
13. The debugging method according to claim 11 , wherein the authentication step includes;
a step of generating a authentication key that is encrypted the transmission key by a predetermined key, and
a step of collating the received signal with the authentication key.
14. The debugging method according to claim 11 , wherein the authentication step has a step of time-awaiting the operation enabling.
15. The debugging method according to claim 11 , wherein the transmission step has a step of forming the transmission key by the random numbers.
16. The debugging method according to claim 11 , wherein further comprising;
a step of receiving the transmission key and encoding by a predetermined key, and transmitting the received signal with a discrimination device provided between a debugger and the debug I/F circuit.
17. A debugger for debugging an IC, the IC comprising an internal circuit; a debug I/F circuit for debugging the internal circuit; and an authentication circuit which is provided between the debug I/F circuit and the debug terminal, said debugger comprising;
a debug unit for debugging said LSI; and
a discrimination device which is provided between said debug unit and said debug I/F circuit, and for receiving a transmission key from said authentication circuit, encrypting said transmission key by a predetermined key, and transmitting the encrypted key to said authentication circuit to enable debugging of said IC by said debug unit.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2000-199266 | 2000-06-30 | ||
JP2000199266A JP4409056B2 (en) | 2000-06-30 | 2000-06-30 | LSI, LSI mounted electronic device, debugging method, LSI debugging device |
Publications (2)
Publication Number | Publication Date |
---|---|
US20020010856A1 true US20020010856A1 (en) | 2002-01-24 |
US7080258B2 US7080258B2 (en) | 2006-07-18 |
Family
ID=18697312
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/784,151 Expired - Fee Related US7080258B2 (en) | 2000-06-30 | 2001-02-16 | IC, IC-mounted electronic device, debugging method and IC debugger |
Country Status (3)
Country | Link |
---|---|
US (1) | US7080258B2 (en) |
EP (1) | EP1168181A3 (en) |
JP (1) | JP4409056B2 (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030005335A1 (en) * | 2001-06-28 | 2003-01-02 | Hidekazu Watanabe | Protecting secured codes and circuits in an integrated circuit |
US20060005260A1 (en) * | 2004-06-24 | 2006-01-05 | Hiroyoshi Haruki | Microprocessor |
US20060112241A1 (en) * | 2004-11-24 | 2006-05-25 | Yoav Weiss | System, method and apparatus of securing an operating system |
US20060248393A1 (en) * | 2005-04-28 | 2006-11-02 | Kabushiki Kaisha Toshiba | Electronic apparatus |
US20070016959A1 (en) * | 2005-07-15 | 2007-01-18 | Yuichi Ikeda | Information processing device and information processing system |
US20080098224A1 (en) * | 2006-10-24 | 2008-04-24 | Spreadtrum Communications Corporation | Processes and apparatus for establishing a secured connection with a joint test action group port |
US20120250865A1 (en) * | 2011-03-23 | 2012-10-04 | Selerity, Inc | Securely enabling access to information over a network across multiple protocols |
US9330268B2 (en) | 2009-05-21 | 2016-05-03 | Samsung Electronics Co, Ltd. | Storage devices with secure debugging capability and methods of operating the same |
US20160266623A1 (en) * | 2015-03-10 | 2016-09-15 | Canon Kabushiki Kaisha | Information processing apparatus, method for controlling information processing apparatus, and storage medium |
US20170081573A1 (en) * | 2014-05-23 | 2017-03-23 | 3M Innovative Properties Company | A Discontinuous Silicone Adhesive Article |
US20170342299A1 (en) * | 2013-06-24 | 2017-11-30 | 3M Innovative Properties Company | Pressure-Sensitive Adhesive Layers with Surface-Enriched Stripes and Methods of Making |
US10705141B2 (en) * | 2017-10-11 | 2020-07-07 | Stmicroelectronics (Rousset) Sas | Method for managing a return of a product for analysis and corresponding product |
Families Citing this family (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4409056B2 (en) * | 2000-06-30 | 2010-02-03 | 富士通株式会社 | LSI, LSI mounted electronic device, debugging method, LSI debugging device |
JP4552366B2 (en) | 2001-07-09 | 2010-09-29 | 日本電気株式会社 | Mobile portable terminal, position search system, position search method and program thereof |
EP1443338A1 (en) * | 2003-02-03 | 2004-08-04 | STMicroelectronics Limited | Secure test arrangement |
US7444546B2 (en) | 2003-04-17 | 2008-10-28 | Arm Limited | On-board diagnostic circuit for an integrated circuit |
JP2007226276A (en) * | 2004-03-24 | 2007-09-06 | Matsushita Electric Ind Co Ltd | Debug permission device system |
JP3804670B2 (en) * | 2004-04-21 | 2006-08-02 | セイコーエプソン株式会社 | Semiconductor device, electronic device, and access control method for semiconductor device |
JP4559794B2 (en) * | 2004-06-24 | 2010-10-13 | 株式会社東芝 | Microprocessor |
JP4814993B2 (en) * | 2007-03-27 | 2011-11-16 | 富士通株式会社 | Device to be debugged, authentication program, and debug authentication method |
US9141776B2 (en) | 2008-04-30 | 2015-09-22 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and apparatus for secure hardware analysis |
JP2010067089A (en) * | 2008-09-11 | 2010-03-25 | Toshiba Corp | System lsi |
US8266684B2 (en) * | 2008-09-30 | 2012-09-11 | General Instrument Corporation | Tokenized resource access |
US8484451B2 (en) * | 2010-03-11 | 2013-07-09 | St-Ericsson Sa | Method and apparatus for software boot revocation |
EP2746952B1 (en) | 2012-12-18 | 2017-02-08 | Neopost Technologies | Secured management of traces in a mail processing device |
WO2017072664A1 (en) * | 2015-10-27 | 2017-05-04 | Marvell World Trade Ltd. | System and method for establishing a trusted diagnosis/debugging agent over a closed commodity device |
US11665002B2 (en) | 2020-12-11 | 2023-05-30 | International Business Machines Corporation | Authenticated elevated access request |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4908038A (en) * | 1987-10-29 | 1990-03-13 | Toppan Printing Co., Ltd | High-security integrated-circuit card |
US5704039A (en) * | 1994-07-25 | 1997-12-30 | Motorola, Inc. | Mask programmable security system for a data processor and method therefor |
US5784464A (en) * | 1995-05-02 | 1998-07-21 | Fujitsu Limited | System for and method of authenticating a client |
US5978937A (en) * | 1994-12-28 | 1999-11-02 | Kabushiki Kaisha Toshiba | Microprocessor and debug system |
US6073176A (en) * | 1996-07-29 | 2000-06-06 | Cisco Technology, Inc. | Dynamic bidding protocol for conducting multilink sessions through different physical termination points |
US6374354B1 (en) * | 1997-07-15 | 2002-04-16 | Silverbrook Research Pty Ltd | Consumable authentication protocol and system |
US6622184B1 (en) * | 1999-06-04 | 2003-09-16 | Kabushiki Kaisha Toshiba | Information processing system |
US6757829B1 (en) * | 1998-05-29 | 2004-06-29 | Texas Instruments Incorporated | Program debugging system for secure computing device having secure and non-secure modes |
US6769065B2 (en) * | 1998-08-06 | 2004-07-27 | Infineon Technologies Ag | Access authorization device for controlling access requested by an OCDS module |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4409056B2 (en) * | 2000-06-30 | 2010-02-03 | 富士通株式会社 | LSI, LSI mounted electronic device, debugging method, LSI debugging device |
-
2000
- 2000-06-30 JP JP2000199266A patent/JP4409056B2/en not_active Expired - Fee Related
-
2001
- 2001-02-16 US US09/784,151 patent/US7080258B2/en not_active Expired - Fee Related
- 2001-06-29 EP EP01401743A patent/EP1168181A3/en not_active Withdrawn
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4908038A (en) * | 1987-10-29 | 1990-03-13 | Toppan Printing Co., Ltd | High-security integrated-circuit card |
US5704039A (en) * | 1994-07-25 | 1997-12-30 | Motorola, Inc. | Mask programmable security system for a data processor and method therefor |
US5978937A (en) * | 1994-12-28 | 1999-11-02 | Kabushiki Kaisha Toshiba | Microprocessor and debug system |
US5784464A (en) * | 1995-05-02 | 1998-07-21 | Fujitsu Limited | System for and method of authenticating a client |
US6073176A (en) * | 1996-07-29 | 2000-06-06 | Cisco Technology, Inc. | Dynamic bidding protocol for conducting multilink sessions through different physical termination points |
US6374354B1 (en) * | 1997-07-15 | 2002-04-16 | Silverbrook Research Pty Ltd | Consumable authentication protocol and system |
US6757829B1 (en) * | 1998-05-29 | 2004-06-29 | Texas Instruments Incorporated | Program debugging system for secure computing device having secure and non-secure modes |
US6769065B2 (en) * | 1998-08-06 | 2004-07-27 | Infineon Technologies Ag | Access authorization device for controlling access requested by an OCDS module |
US6622184B1 (en) * | 1999-06-04 | 2003-09-16 | Kabushiki Kaisha Toshiba | Information processing system |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030005335A1 (en) * | 2001-06-28 | 2003-01-02 | Hidekazu Watanabe | Protecting secured codes and circuits in an integrated circuit |
US7707645B2 (en) * | 2004-06-24 | 2010-04-27 | Kabushiki Kaisha Toshiba | Microprocessor |
US20060005260A1 (en) * | 2004-06-24 | 2006-01-05 | Hiroyoshi Haruki | Microprocessor |
US20060112241A1 (en) * | 2004-11-24 | 2006-05-25 | Yoav Weiss | System, method and apparatus of securing an operating system |
WO2006056988A2 (en) * | 2004-11-24 | 2006-06-01 | Discretix Technologies Ltd. | System, method and apparatus of securing an operating system |
WO2006056988A3 (en) * | 2004-11-24 | 2006-12-21 | Discretix Technologies Ltd | System, method and apparatus of securing an operating system |
GB2435780A (en) * | 2004-11-24 | 2007-09-05 | Discretix Technologies Ltd | System,method and apparatus of securing an operating system |
US20060248393A1 (en) * | 2005-04-28 | 2006-11-02 | Kabushiki Kaisha Toshiba | Electronic apparatus |
US20070016959A1 (en) * | 2005-07-15 | 2007-01-18 | Yuichi Ikeda | Information processing device and information processing system |
US20080098224A1 (en) * | 2006-10-24 | 2008-04-24 | Spreadtrum Communications Corporation | Processes and apparatus for establishing a secured connection with a joint test action group port |
US9330268B2 (en) | 2009-05-21 | 2016-05-03 | Samsung Electronics Co, Ltd. | Storage devices with secure debugging capability and methods of operating the same |
US20120250865A1 (en) * | 2011-03-23 | 2012-10-04 | Selerity, Inc | Securely enabling access to information over a network across multiple protocols |
US20170342299A1 (en) * | 2013-06-24 | 2017-11-30 | 3M Innovative Properties Company | Pressure-Sensitive Adhesive Layers with Surface-Enriched Stripes and Methods of Making |
US20170081573A1 (en) * | 2014-05-23 | 2017-03-23 | 3M Innovative Properties Company | A Discontinuous Silicone Adhesive Article |
US20160266623A1 (en) * | 2015-03-10 | 2016-09-15 | Canon Kabushiki Kaisha | Information processing apparatus, method for controlling information processing apparatus, and storage medium |
US10133326B2 (en) * | 2015-03-10 | 2018-11-20 | Canon Kabushiki Kaisha | Information processing apparatus, method for controlling information processing apparatus, and storage medium for establishing link-up between communication devices |
US10705141B2 (en) * | 2017-10-11 | 2020-07-07 | Stmicroelectronics (Rousset) Sas | Method for managing a return of a product for analysis and corresponding product |
US11143701B2 (en) | 2017-10-11 | 2021-10-12 | Stmicroelectronics (Rousset) Sas | Method for managing a return of a product for analysis and corresponding product |
Also Published As
Publication number | Publication date |
---|---|
EP1168181A3 (en) | 2006-03-01 |
JP2002014838A (en) | 2002-01-18 |
JP4409056B2 (en) | 2010-02-03 |
EP1168181A2 (en) | 2002-01-02 |
US7080258B2 (en) | 2006-07-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7080258B2 (en) | IC, IC-mounted electronic device, debugging method and IC debugger | |
EP1318456B1 (en) | Electronic apparatus and debug authorization method | |
USRE47621E1 (en) | Secure transaction microcontroller with secure boot loader | |
US8675868B1 (en) | Encrypting an address-dependent value along with code to prevent execution or use of moved code | |
US20210258784A1 (en) | Detection of a rerouting of a communication channel of a telecommunication device connected to an nfc circuit | |
US20070067634A1 (en) | System and method for restricting access to a terminal | |
US20140195429A1 (en) | Method for protecting cardholder data in a mobile device that performs secure payment transactions and which enables the mobile device to function as a secure payment terminal | |
JPS6256556B2 (en) | ||
CN101166085A (en) | Remote unlocking method and system | |
US7246375B1 (en) | Method for managing a secure terminal | |
US20070174615A1 (en) | Method and device for communication using random codes | |
EP1082710A1 (en) | Preloaded ic-card and method for authenticating the same | |
WO2007010333A1 (en) | Host security module using a collection of smartcards | |
US6662151B1 (en) | System for secured reading and processing of data on intelligent data carriers | |
US20060289656A1 (en) | Portable electronic apparatus and data output method therefor | |
CN111414605B (en) | Unlocking method and device of embedded security unit, electronic equipment and storage medium | |
Petri | An introduction to smart cards | |
JP5923727B2 (en) | Information processing system | |
US9652232B2 (en) | Data processing arrangement and method for data processing | |
TWI646481B (en) | Pairing authentication method for electronic transaction device | |
EP1486908A1 (en) | Smart card with two I/O ports for linking secure and insecure environments | |
JP2010160765A (en) | System lsi and debugging method thereof | |
US9195857B2 (en) | Computational system | |
WO2021054854A1 (en) | Generation and use of a trusted digital image of a document | |
Silbermann et al. | Security Analysis of Contactless Payment Systems in Practice |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: FUJITSU LIMITED, JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KAWASAKI, YUSUKE;HASHIMOTO, SHIGERU;REEL/FRAME:011562/0338 Effective date: 20010118 |
|
FEPP | Fee payment procedure |
Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
REMI | Maintenance fee reminder mailed | ||
LAPS | Lapse for failure to pay maintenance fees | ||
STCH | Information on status: patent discontinuation |
Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362 |
|
FP | Lapsed due to failure to pay maintenance fee |
Effective date: 20140718 |